[SCM] GNU gnutls branch, master, updated. gnutls_3_1

gnutls-commit
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_3-34-g083067e

From:	Nikos Mavrogiannopoulos
Subject:	[SCM] GNU gnutls branch, master, updated. gnutls_3_1_3-34-g083067e
Date:	Wed, 31 Oct 2012 21:49:46 +0000
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=083067e630498f274608fa67308cb7dda816ac18

The branch, master has been updated
       via  083067e630498f274608fa67308cb7dda816ac18 (commit)
       via  2aa6ec13fc2976564f0046e67ea6e175f1f2a0d7 (commit)
      from  8fc613454022285610b0ac03eeeb3a6b9b8a0e15 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 083067e630498f274608fa67308cb7dda816ac18
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed Oct 31 22:48:52 2012 +0100

    mention that GNUTLS_CERT_INVALID flag is deprecated by 
GNUTLS_CERT_SIGNER_NOT_FOUND and GNUTLS_CERT_SIGNATURE_FAILURE.

commit 2aa6ec13fc2976564f0046e67ea6e175f1f2a0d7
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed Oct 31 22:46:32 2012 +0100

    updated gnutls_certificate_verification_status_print() presentation

-----------------------------------------------------------------------

Summary of changes:
 lib/gnutls_cert.c               |   56 ++++++++++++++++++--------------------
 lib/includes/gnutls/gnutls.h.in |    3 +-
 src/common.c                    |    2 +-
 3 files changed, 30 insertions(+), 31 deletions(-)

diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c
index f803a65..5bb20f1 100644
--- a/lib/gnutls_cert.c
+++ b/lib/gnutls_cert.c
@@ -930,57 +930,55 @@ gnutls_certificate_verification_status_print (unsigned 
int status,
 
   _gnutls_buffer_init (&str);
 
+  if (status == 0)
+    _gnutls_buffer_append_str (&str, _("Peer's certificate is trusted. "));
+  else
+    _gnutls_buffer_append_str (&str, _("Peer's certificate is NOT trusted. "));
+
   if (type == GNUTLS_CRT_X509)
     {
-      if (status == 0)
-        _gnutls_buffer_append_str (&str, _("- Peer's certificate is 
trusted\n"));
-      else
-        {
-          if (status & GNUTLS_CERT_INVALID)
-            _gnutls_buffer_append_str (&str, _("- Peer's certificate is NOT 
trusted\n"));
+      if (status & GNUTLS_CERT_REVOKED)
+        _gnutls_buffer_append_str (&str, _("Peer's certificate chain revoked. 
"));
 
-          if (status & GNUTLS_CERT_REVOKED)
-            _gnutls_buffer_append_str (&str, _("- Peer's certificate chain 
revoked\n"));
+      if (status & GNUTLS_CERT_REVOCATION_DATA_TOO_OLD)
+         _gnutls_buffer_append_str (&str, _("The revocation data provided by 
the peer are too old. "));
 
-          if (status & GNUTLS_CERT_REVOCATION_DATA_TOO_OLD)
-              _gnutls_buffer_append_str (&str, _("- The revocation data 
provided by the peer are too old\n"));
+      if (status & GNUTLS_CERT_REVOCATION_DATA_INVALID)
+         _gnutls_buffer_append_str (&str, _("The revocation data provided by 
the peer are invalid. "));
 
-          if (status & GNUTLS_CERT_REVOCATION_DATA_INVALID)
-              _gnutls_buffer_append_str (&str, _("- The revocation data 
provided by the peer are invalid\n"));
+      if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
+         _gnutls_buffer_append_str (&str, _("Peer's certificate issuer is 
unknown. "));
 
-          if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
-              _gnutls_buffer_append_str (&str, _("- Peer's certificate issuer 
is unknown\n"));
-
-          if (status & GNUTLS_CERT_SIGNER_NOT_CA)
-              _gnutls_buffer_append_str (&str, _("- Peer's certificate issuer 
is not a CA\n"));
-        }
+      if (status & GNUTLS_CERT_SIGNER_NOT_CA)
+         _gnutls_buffer_append_str (&str, _("Peer's certificate issuer is not 
a CA. "));
       }
     else if (type == GNUTLS_CRT_OPENPGP)
       {
-        if (status == 0)
-          _gnutls_buffer_append_str (&str, _("- Peer's key is valid\n"));
-
-        if (status & GNUTLS_CERT_INVALID)
-          _gnutls_buffer_append_str (&str, _("- Peer's certificate is 
invalid\n"));
+        _gnutls_buffer_append_str (&str, _("Peer's certificate is not trusted. 
"));
 
         if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
-          _gnutls_buffer_append_str (&str, _("- Could not find a signer of the 
peer's certificate\n"));
+          _gnutls_buffer_append_str (&str, _("Could not find a signer of the 
peer's certificate. "));
 
         if (status & GNUTLS_CERT_REVOKED)
-          _gnutls_buffer_append_str (&str, _("- Peer's certificate is 
revoked\n"));
+          _gnutls_buffer_append_str (&str, _("Peer's certificate is revoked. 
"));
       }
 
   if (status & GNUTLS_CERT_INSECURE_ALGORITHM)
-    _gnutls_buffer_append_str (&str, _("- Peer's certificate chain uses 
insecure algorithm\n"));
+    _gnutls_buffer_append_str (&str, _("Peer's certificate chain uses insecure 
algorithm. "));
 
   if (status & GNUTLS_CERT_NOT_ACTIVATED)
-    _gnutls_buffer_append_str (&str, _("- Peer's certificate chain uses not 
yet valid certificate\n"));
+    _gnutls_buffer_append_str (&str, _("Peer's certificate chain uses not yet 
valid certificate. "));
 
   if (status & GNUTLS_CERT_EXPIRED)
-    _gnutls_buffer_append_str (&str, _("- Peer's certificate chain uses 
expired certificate\n"));
+    _gnutls_buffer_append_str (&str, _("Peer's certificate chain uses expired 
certificate. "));
+
+  if (status & GNUTLS_CERT_SIGNATURE_FAILURE)
+    _gnutls_buffer_append_str (&str, _("The signature in the certificate is 
invalid. "));
 
   if (status & GNUTLS_CERT_UNEXPECTED_OWNER)
-    _gnutls_buffer_append_str (&str, _("- The name in the certificate does not 
match the expected\n"));
+    _gnutls_buffer_append_str (&str, _("The name in the certificate does not 
match the expected. "));
+
+  _gnutls_buffer_append_str (&str, "\n");
 
   ret = _gnutls_buffer_to_datum( &str, out);
   if (out->size > 0) out->size--;
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 98a86fb..ff0994a 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -430,7 +430,8 @@ extern "C"
 /**
  * gnutls_certificate_status_t:
  * @GNUTLS_CERT_INVALID: The certificate is not signed by one of the
- *   known authorities or the signature is invalid.
+ *   known authorities or the signature is invalid (deprecated by the flags 
+ *   %GNUTLS_CERT_SIGNATURE_FAILURE and %GNUTLS_CERT_SIGNER_NOT_FOUND).
  * @GNUTLS_CERT_SIGNATURE_FAILURE: The signature verification failed.
  * @GNUTLS_CERT_REVOKED: Certificate is revoked by its authority.  In X.509 
this will be
  *   set only if CRLs are checked.
diff --git a/src/common.c b/src/common.c
index 3e8932a..42ac6b6 100644
--- a/src/common.c
+++ b/src/common.c
@@ -340,7 +340,7 @@ cert_verify (gnutls_session_t session, const char* hostname)
           return 0;
       }
 
-    printf ("%s", out.data);
+    printf ("- %s", out.data);
     
     gnutls_free(out.data);
 


hooks/post-receive
-- 
GNU gnutls
[Prev in Thread]
Current Thread
[Next in Thread]
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_3-34-g083067e, Nikos Mavrogiannopoulos <=
Prev by Date: [SCM] GNU gnutls branch, master, updated. gnutls_3_1_3-32-g8fc6134
Previous by thread: [SCM] GNU gnutls branch, master, updated. gnutls_3_1_3-32-g8fc6134
Index(es):
- Date
- Thread